Guest checkout creates account even when not requested

3
votes

When a guest user checks out, and he doesn’t choose to create an account, the account is created all the same. Besides this, when the user tries to “register” his account with the email he used to make the purchase, the system logs in even without requesting for a password.

Here I show with screenshots the steps that I took.

Failed solutions

  • Disabling all plugins, leaving only Woocommerce and the Storefront theme enabled.
  • Enable/Disable the option “Allow customers to log into an existing account during checkout” in Woocommerce > Settings > Account & Privacy.
  • Checked this answer but I'm not selling any subscription products.

Instance info

Other configurations I have enabled in Woocommerce > Settings > Account & Privacy are the following:

  • Allow customers to place orders without an account
  • Allow customers to create an account during checkout
  • Allow customers to create an account on the “My account” page
  • When creating an account, automatically generate an account username for the customer based on their name, surname or email
  • When creating an account, automatically generate an account password

And here is the information regarding the WordPress production instance (I also tested the same error in a WAMP instance in Windows):

### wp-core ###

version: 5.3.2
site_language: en_US
user_language: en_US
timezone: +01:00
permalink: /%year%/%monthnum%/%day%/%postname%/
https_status: true
user_registration: 0
default_comment_status: open
multisite: false
user_count: 11
dotorg_communication: true

### wp-active-theme ###

name: Storefront Child Theme (storefront-child)
version: 1.0.0
author_website: (undefined)
parent_theme: Storefront (storefront)
theme_features: post-thumbnails, automatic-feed-links, custom-logo, menus, html5, custom-background, custom-header, site-logo, title-tag, customize-selective-refresh-widgets, wp-block-styles, align-wide, editor-styles, editor-font-sizes, editor-style, responsive-embeds, woocommerce, wc-product-gallery-zoom, wc-product-gallery-lightbox, wc-product-gallery-slider, starter-content, widgets

### wp-parent-theme ###

name: Storefront (storefront)
version: 2.5.3
author: Automattic
author_website: https://woocommerce.com/

### wp-themes-inactive (1) ###

Twenty Twenty: version: 1.0, author: the WordPress team (latest version: 1.1)

### wp-plugins-active (10) ###

Autoptimize: version: 2.5.1, author: Frank Goossens (futtta) (latest version: 2.6.1)
Contact Form 7: version: 5.1.5, author: Takayuki Miyoshi (latest version: 5.1.6)
GDPR Cookie Consent: version: 1.8.2, author: WebToffee
TeraWallet: version: 1.3.11, author: WCBeginner
Tidio Chat: version: 4.2.1, author: Tidio Ltd.
WooCommerce: version: 3.8.0, author: Automattic (latest version: 3.8.1)
WooCommerce Admin: version: 0.22.0, author: WooCommerce (latest version: 0.24.0)
WooCommerce Stripe Gateway: version: 4.3.1, author: WooCommerce
YITH WooCommerce Social Login: version: 1.3.7, author: YITH (latest version: 1.3.9)
Yoast SEO: version: 12.5.1, author: Team Yoast (latest version: 12.8)

### wp-plugins-inactive (3) ###

All-in-One WP Migration: version: 7.10, author: ServMask (latest version: 7.14)
Order Delivery Date for WooCommerce (Lite version): version: 3.10, author: Tyche Softwares
Query Monitor: version: 3.4.0, author: John Blackbourn (latest version: 3.5.2)

### wp-media ###

image_editor: WP_Image_Editor_GD
imagick_module_version: Not available
imagemagick_version: Not available
gd_version: bundled (2.1.0 compatible)
ghostscript_version: unknown

### wp-server ###

server_architecture: Linux 2.6.32-754.14.2.el6.x86_64 x86_64
httpd_software: Apache
php_version: 7.0.33 64bit
php_sapi: cgi-fcgi
max_input_variables: 8000
time_limit: 30
memory_limit: 512M
max_input_time: 180
upload_max_size: 2M
php_post_max_size: 8M
curl_version: 7.67.0 OpenSSL/1.0.2t
suhosin: false
imagick_availability: false
htaccess_extra_rules: true

### wp-database ###

extension: mysqli
server_version: 10.3.21-MariaDB
client_version: mysqlnd 5.0.12-dev - 20150407 - $Id: b5c5906d452ec590732a93b051f3827e02749b83 $

### wp-constants ###

WP_HOME: undefined
WP_SITEURL: undefined
WP_MAX_MEMORY_LIMIT: 512M
WP_DEBUG: false
WP_DEBUG_DISPLAY: true
WP_DEBUG_LOG: false
SCRIPT_DEBUG: false
WP_CACHE: false
CONCATENATE_SCRIPTS: undefined
COMPRESS_SCRIPTS: undefined
COMPRESS_CSS: undefined
WP_LOCAL_DEV: undefined
DB_CHARSET: utf8mb4
DB_COLLATE: undefined

### wp-filesystem ###

wordpress: writable
wp-content: writable
uploads: writable
plugins: writable
themes: writable
1
phpwordpresswoocommerce

1 Answers

1
votes

Answer from Joey (@jricketts4) in the woocommerce forum:

Hi @pirralhobat,

It took me a minute to grasp onto what you were reporting, but I finally got it. What we’re seeing here is expected behavior and doesn’t actually require the first 2 steps you documented with screenshots.

The reason this is happening is a combination of three settings:

  • Allow customers to create an account on the “My account” page
  • When creating an account, automatically generate an account username for the customer based on their name, surname or email
  • When creating an account, automatically generate an account password

Disabling just one of the following will “fix” the problem you’re not wanting to see:

  • Allow customers to create an account on the “My account” page
  • When creating an account, automatically generate an account password

Either a) you won’t be allowing your customers to register via the My Account page, or b) you won’t be auto-generating a password during that registration (requiring your customers to enter their own password).

If any of this doesn’t make sense, please let me know!

The problem was indeed one of interpretation of the configurations.

I ended up disabling the “When creating an account, automatically generate an account password” and adding code to make email validation, so that users who used the website in the past to make purchases are validated. This ends up blocking any user that tries to create accounts with emails previously used to make purchases.